Volodymyr Tkach created DRILL-6257: -------------------------------------- Summary: Sqlline start command with password appears in the sqlline.log Key: DRILL-6257 URL: https://issues.apache.org/jira/browse/DRILL-6257 Project: Apache Drill Issue Type: Bug Reporter: Volodymyr Tkach Assignee: Volodymyr Tkach
*Prerequisites:* *1.* Log level is set to "all" in the conf/logback.xml: {code:xml} <logger name="org.apache.drill" additivity="false"> <level value="all" /> <appender-ref ref="FILE" /> </logger> {code} *2.* PLAIN authentication mechanism is configured: {code:java} security.user.auth: { enabled: true, packages += "org.apache.drill.exec.rpc.user.security", impl: "pam", pam_profiles: [ "sudo", "login" ] } {code} *Steps:* *1.* Start the drillbits *2.* Connect by sqlline: {noformat} /opt/mapr/drill/drill-1.13.0/bin/sqlline -u "jdbc:drill:zk=node1:5181;" -n user1 -p 1234 {noformat} *3.* Use check the sqlline logs: {noformat} tail -F log/sqlline.log|grep 1234 -a5 -b5 {noformat} *Expected result:* Logs shouldn't contain clear-text passwords *Actual result:* The logs contain the sqlline start command with password: {noformat} # system properties 35333- "java" : { 35352- # system properties 35384: "command" : "sqlline.SqlLine -d org.apache.drill.jdbc.Driver --maxWidth=10000 --color=true -u jdbc:drill:zk=node1:5181; -n user1 -p 1234", 35535- # system properties 35567- "launcher" : "SUN_STANDARD" 35607- } {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)